About BinNavi

Information about BinNavi

Third-Party Software

Many icons used in BinNavi were taken from FamFamFam and
are licensed under the Creative Commons Attribution 2.5 License.

Change Log

Changes in BinNavi 5.0.0 (20th Sept 2012)

Features:

Type system:

The current release of BinNavi features a type system. The type
system allows user to use types and type association within BinNavi. For
more information about the type system and how to use it check out its
manual page.

Multi user collaboration:

The current release of BinNavi features a real time collaboration
feature which is aimed at allowing groups of analysts to work together
on the same project simultaneously. This collaboration is enabled for
all comments available in BinNavi (instruction level comments / basic
block level comments / edge level comments / function level comments /
various node type comments) and for information about views and
functions.

Build update script for BinNavi 4.0.7 databases such that one
can update to 5.0.0.

GUI:

Added a new dialog to edit comments for local and global
instruction comments.

Added a new comment style to code nodes / instructions / edges /
functions / function nodes / text nodes / group nodes. to be able to
display the new multi user comments.

Added a new identity field in the database configuration dialog.

Added syncing for comments in databases between multiple
instances of BinNavi.

Added an user interface for the type system.

Added multiple dialogs to add, remove and change

Added type information to the operand tree nodes.

Added a type dependence graph.

Added drag and drop functionality for type information in the graph view.

Misc:

Updated guava library to version 12.0.1.

Updated the postgresql library.

Updated the jython library.

Updated the Jide GUI components library.

Updated the version of the BinNavi exporter to Version 6.

Bug fixes:

Fixed the code node parser such that comments related to any
object which can hold comments are now loaded in a single query
rather then individual queries.

Fixed an inlining issue where the code did not guarantee that
the edges included in the inlining action would always come out in
the same order when iterated.

Fixed test runs to include tests which were formerly not
included in the test set.

Removed the support for ECMAScript.

Changes in BinNavi 4.0.7 (14th March 2012)

Plugins:

Fixed the IGraphMenuPlugin interface.

Changes in BinNavi 4.0.6 (6 January 2012)

Database:

Fixed a bug related to deleting comments in code nodes.

Performance enhancement for storing view settings in the
database.

Misc:

Updated the yfiles version to 2.9.

Updated the guava library versions.

Better handling of interrupted exceptions.

Fixed a listener bug which generated an exception after a series
of view events and actions taking place.

More use of preconditions in public functions.

Changes in BinNavi 4.0.5 (17th November 2011)

Database:

Fixed an issue where the old configuration file
on startup was still using a MySQL driver path.

Reduced the query timings in database conversion
queries for large databases and large modules smaller queries will
also see some speedup but not as significant.

Added some indices to the database exporter
tables to speed up the conversion process.

Debugger:

Reworked the handling of Breakpoints:

Breakpoint commands are now sent in
batches (reduces runtime of set/remove commands)

Unified the central component of the
debugger to better handle large amounts of breakpoints (>
100000).

Changed the behavior of module loading /
unloading to better perform with large breakpoint counts.

Fixed an issue in the debugger where a large
number of threads running in the target process can lead to an
Access Violation Exception. The debug client used to change
pages to RW for breakpoint set / remove operations for threads
accessing this page thus lead to the exception.

Fixed an issue where a right click on a function
call would cause an exception in some debug conditions.

Changed boost includes from 1.44 to 1.47.

GUI:

Changed behavior of the Breakpoint table to
allow a more responsive GUI.

Added new configuration variables to allow the
graph renderer to decide whether or not to do layout animation.

Refresh of the module tree now uses the F5
hotkey by default.

Changed the line type of loop edges.

Fixed a zoom issue in the call graph when no
animation was used.

Changed the behavior of the refresh module
dialog such that there is no refresh anymore if no modules have been
changed.

Added icons which indicate the current state of
a module to the module table. Available states are now

Loaded (Green).

Converted (Dark gray).

Imported (Light gray).

Changed the settings dialog such that the user
can now select any of the log files.

Added more menus to allow the user to
selectively only import or import and load a module. (Used for batch
imports).

Changed the focus behavior of the ongoing
progress dialog to remove the window from popping up over other
windows.

Changed the behavior of the import dialog to
allow up to 20 parallel exports.

Added various selection mode enhancements to the
flow and call graphs:

Bug fixes:

Module loaded reply does not implicitly set the active thread
anymore: it was solely used for logging purposes -> less side
effects.

Unnecessary information from the debugger target information
reply has been removed.

Fixed a bug where the user couldn't resume the debugged
process after a module was loaded.

Fixed debugger toolbar button enable/disable logic.

The memory map is now re-requested by
binnavi if an error occurs after a read memory command:
The old design of the memory map update
mechanism was a classical tocttou race condition:
if the memory map changed in the future all subsequent memory reads
would fail.
since the new protocol needs to send the memory map early during
process creation,
the memory map is more likely to become outdated.

Case 2982: Fixed the bug where consecutive debugger runs always
caused the debug client to break on module load even if the
corresponding settings was not enabled.

Case 3067: The container for the graph view is now retrieved
from the graph model which was used to collect the trace.

Fixed bug causing remove breakpoint to fail.

Fixed bug in the exception parser which throw an exception due
to an empty exception name string.

Fixed exception while hitting echo breakpoints.

Fixed multiple issues with module loaded/unloaded events
and the synchronization with the debugger toolbar buttons.

Fixed layout issue in the debugger options dialog GUI.

Unloading of "fake modules" on Win7 X64 during process
creation is now handled gracefully.

Changed the layout of the Breakpoint
Table to show also the relocated address and the module name where
the breakpoint has been set in.

Changed the location of the get
breakpoints by module filter to the breakpoint storage so that it is
not necessary to copy things around.

Fixed the trace panel such as that in a multi module trace the
double click would yield the correct function as zoom result.

Database:

Module deletion from the database now completely removes the
modules information from the database.

Fixed a bug where ghost edges could result from a wrongly
optimized query and therefore make the loading of a function
impossible.

Converted postgresql_tables.sql to ASCII
encoding.

Changed some information in the postgresql_tables.sql such as
adding and verifying that all foreign keys are only set against rows
which have an index.

Commit fixes "order by" error which then caused function names
to be not aligned correctly with the functions.

Fixed queries which broke in the mySQL to PostgreSQL switch due
to strong reliance on mySQL default sort order.

Added code to update nodes only once per regenerate and not a
lot of times.

Added module_id to the temporary table query to drastically
reduce the numbers of items used for the table if there is already
data in the database.

Changed the behavior for trace saving by changing it to prepared
statement batch processing in the case of inserts for trace event
values and in case of trace events to use the query splitter. This
change was necessary because given that a database has only a small
max_allowed_packet_size saving the trace values in a single query
would result in an exception.

Changed the commit / transaction strategy for the postgres
conversion steps. This should enable us to have uninterrupted
commits to the database which are in themselves save vs. unsafe edge
loosing.

removed support for ida2sql from BinNavi due to the switch to
PostgreSQL.

Fixed a nasty bug in the database update code which caused some
expression trees to be missing in the converted database as they
where not referenced by the expression_tree_ids table but used as
tree nodes in single places.

introduced cache functionality to only do a startup query once
therefore saving raw modules * 50ms - 50ms time on each database
connect.

CViewFunctions.java (changed the behavior of view deletion to
fix an error where a deleted view could cause the module loading
process to fail given there where global variables still referenced
in the deleted view but the nodes in the deleted view had not been
deleted.)

Miscellaneous:

Fixed a bug in register tracking which caused highlighting of
wrong lines of code for multi-line function comments.

Fixed a bug in graph search.

Copy to clipboard from menu bar now copies all the text.

Star changed event was not implemented in
cuserviewsmodel.java.

Brought back the separation between clickable and editable
objects

Fixed a bug that led to crashes when clicking on modules
in address spaces in the project tree

Fixed a bug that led to crashes when closing save-as-ed
views

Fixed a bug where global function comments were not shown
at each call site of the corresponding function (the comments were
only shown in the call graph)

Fixed multiple listener issues that could lead to an
unresponsive user interface.

Fixed an issue that led to an exception in the GUI when
creating a new project.

Fixed an issue that led to problems when closing
databases.

Fixed an issue that led to the operands menu not being
displayed in the code node context menu.

Fixed some icon transparency issues.

Got rid of the sub-nodes of view nodes and replaced them
with a filter.

Got rid of the typed function nodes in the project tree.

Ignore the reseller field in license files, we don't have
any resellers anymore.

More defensive output consuming of the IDA exporter
process.

Removed support for ruby scripting.

Fixed bugs in the python scripting.

Replaced MySQL with PostgreSQL in the BinNavi manual where
appropriate

A logger option changed so that there is no log file
overflow anymore in ridicules situations.

changed the handling of comments so we have a speed
improvement

changed the handling of zooming to addresses within graphs
which now makes it possible to zoom to addresses in the combined
call graph correctly.

Fixed bug where function inlineing results in an exception
for tree nodes without parents.

Fixed (2889) an issue where a project view could not be
loaded given the underlying module was not loaded.

Fixed a bug where an exception was generated due to the
fact that inlined functions had a different root node for their
local variables.

Fixed a bug where dqword was used instead of the term
oword which is std in all other parts in navi.

Fixed a bug where local edge comments = null caused a
exception on new comment store.

Fixed a multi threading issue where a private class field
was changed by multiple threads at ones causing a null pointer
exception.

Fixed a wrong concept where it was possible to inline
functions multiple times into the same source function leading to an
incorrect code flow.

Fixed an error where REIL registers where always present
in the register tracking even though we where not in REIL mode.

Fixed an issue where a broken module was killing the
database thread and no rollback was possible.

Fixed bug in the view delete function where non saved vies
could trigger an exception

Fixed case 2686. Fix was to match if the current node is
of type group node and then do not perform
any mouse coordinate to line mappings with highlighting.

Fixed case 2688. A group selection is now possible given
that the number of selected nodes in the current graph is larger
then one.

Fixed case 2796 and added the missing bindings so that
future versions can also use SCRIPT_CONSOLE to use the console
feature.

Fixed case 2862 by implementing filtering for the other
fields as well.

Fixed case 2898. Even though the behavior was already
implemented with a double right click on the line in question it was
rather unreasonable for a user to find the option hidde in such a
way.

Fixed case 2967. The issue was a missing .start() in the
progress panel.

Fixed case 3066 where given that a memory search was just
canceled an null pointer exception would happen as the called clone
function on a null object will raise this.

Fixed case 3072 where the regular expression highlighting
was broken due to a wrong argument to the function.

Fixed GUI error where a "never show
again" check box was in place without any reason.

Fixed small error in the tutorials/05 - Working with
Graphs II.xml where a regular expression was incorrect. (CASE 3058).

Fixed the bug where lines where not properly displayed in
the comment window.

Fixed the flow graph part of case 2892. Enhanced the
function node menu by the option to change the function name in the
flow graph.

Fixed the go to address dialog now completely it now also works
for the combined call graph case.

Fixed the issue where instructions where not properly displayed
in the instruction contexts menu.

found issues in REIL where one could not transform a graph from
native instructions to a REIL graph when any operand was larger then
0x8000000000000000. Which was the case with a presumably untested
shld x86 instruction.

Fixed functions may be in an integer range larger then the
postgresql integer range allows therefore the function table
argument must be replaced with a bigint type.

Fixed sorting bug in case 3004. Bug was Fixed by directly giving
a type to all the columns present in the table model used in this
specific case.

Fixed that we could not load all modules by loading the project
combined call graph.

Fixed IDA selection dialog files ( changed the behavior of the
install checker from default installed to not installed ).

Fixed Case 2277: Added the full path of dynamic libraries to the
debug window.

Fixed Case 2386: It is now possible to continue on first pass
exceptions.

Fixed Case 2481: REIL code is now available for a complete code
node in the flow graph window as well.

Fixed Case 2486: Show REIL code copy to clipboard is now
possible.

Fixed Case 2507: Modules are now really deleted from the
database when the delete is performed.

Fixed Case 2516: Fixed a bug where the "star view" button column
name was wrong.

Fixed Case 2861 where it was not possible to display a
REIL graph in the project view.

Fixed a bug related to large projects. the bug involved that
given you had two modules in the database with a basic block each at
the same address with the same number of instructions. Then the
query which is Fixed now would find at least one ghost edge between
the basic block in one module and another basic block in the second
module. As nodes are only loaded per view either the source or the
target node of the ghost edge was missing.

Changes in BinNavi 3.0.0 (August 1st 2010)

Feature: Added support for the analysis of 32 bit MIPS
code. You can now use BinNavi to analyze code from embedded MIPS
devices like Cisco routers.

Feature: Local variables can now be renamed.
This helps you to annotate the disassembled code with more
information.

Feature: Global variables can now be renamed (through a
context menu). This helps you annotate the code with more
information.

Feature: Cross-references to global variables are now
accessible in the main window. You can use this feature to quickly
find out what functions access what global variables.

Feature: Views, modules, and other elements of
BinNavi can now be starred to highlight them as particularly
important or interesting. This is very useful to quickly get back to
functions you previously considered interesting.

Feature: Added support for a faster C++ based exporter.
This allows you to import IDB files into the BinNavi database much
faster than the old Python exporter did.

Feature: Multiple IDB files can now be imported
simultaneously. This speeds up IDB importing significantly.

Feature: Made it easier to select multiple IDB
files from different directories for one batch import process. You
can now easily import modules from different directories in one
step.

Feature: Added support for conditional breakpoints.
You can now decide exactly when program execution should be stopped
on breakpoint hits.

Feature: The memory of the debugged target process can
now be edited. This allows you to make quick patches to the target
process memory.

Feature: Instruction operands like integer literals,
registers, and even complex formulas can now be followed in memory
during debugging.

Feature: When recording debug traces, the modules where
the trace events happened, the register values at the time of the
events and important memory sections are now recorded for each debug
event.

Feature: It is now possible to apply set operations (union,
intersection, difference) on recorded debug traces to quickly
isolate important debug events.

Feature: It is now possible to specify how often
breakpoints can be hit before they are removed during trace mode.
This allows users to record more complete traces than before.

Feature: Modified the semantics of trace mode to allow
the user to create new traces from the currently active breakpoints.

Feature: Instructions that use local or global
variables can now be highlighted in the disassembled code.

Feature: Special instructions like function calls or
memory access instructions can now be highlighted in the
disassembled code.

Feature: Optional statistical information
about functions is shown in call graph nodes to quickly give users
an idea about the size of functions.

Feature: Added a way to step to the end of a function
during debugging. This is a quick way to leave the current function
and continue debugging in the calling function.

Feature: Modules can now be sorted by name. This
makes it easier to find modules in large databases.

Feature: Removed the separation between raw modules and
modules to smoothen the BinNavi workflow.

Feature: Unsaved changes are now highlighted in the GUI
to show the user what he changed since he saved the last time.

Feature: Added non-blocking progress dialogs to allow the user to
continue working while long running tasks run in the background.

Feature: Added more hotkeys to make working with the
keyboard more comfortable.

Feature: The password to databases can now be shown in
plain text to remind the user of forgotten passwords.

Feature: Added a context menu to the tabs in graph
windows to close all graph views but the current one.

Feature: When debugging, the memory view now shows the
memory address at the position of the caret. This makes it easier to
navigate through the target process memory.

Feature: Added a context menu to the registers
view that allows the user to follow register pointers in the target
process memory.

Feature: The output of the scripting console can now be
saved to a file.

Feature: Previously created Debug by Criteria
expressions
are now available in a menu of the graph window for quick access.

Feature: New improved code editor for writing
scripts.

Feature: Renamed functions can have their name reverted
to the original name.

Feature: The hierarchy of existing node tags and view
tags can now be reorganized.

Feature: The correct thread IDs are now recorded for
debug events in trace mode.

Feature: Trace events can now be filtered to show only
those traces with a given register value or whose memory contains
specific values.

Feature: The Select by Criteria dialog can now be
extended by plugins.

Feature: Breakpoints are now tied to a module. This makes
it possible to relocate breakpoints automatically when the debugged
module is relocated.

Feature: The speed of echo breakpoint setting and removal
was improved drastically.

Feature: It is now possible to quickly set breakpoints on
the addresses of trace mode debug events.

Feature: It is now possible to quickly jump to the
instruction for which a trace mode debug event was recorded.

Feature: The user can split one basic blocks into two
basic blocks now. This is useful in combination with stepping to the
next basic block while debugging.

Feature: Information about the threads of the debugged
target process is now shown in BinNavi.

Feature: The threads of the debugged target process can
now be suspended and resumed.

Feature: ALT+Right-Click on local or global comments now
pops up a dialog to edit those comments.

Feature: Inlined functions can now be un-inlined.

Feature: During debugging the user can now access a panel
that shows the log of the debug events of the current debugging
session.

Feature: The addresses of instructions can now be copied
to the clipboard quickly (context menu of instructions in
disassembled code).

Feature: When functions references in disassembled code
have their name changed, the disassembled code is updated to reflect
this change.

Feature: It is now possible to change the name of
referenced functions in disassembled code through a context menu.

Feature: Memory addresses referenced in disassembled code
are now correctly rebased if the module itself is rebased.

Feature: Instruction operands in disassembled code can
now be shown as decimal numbers, hexadecimal numbers, or their
symbolic name.

Feature: Added context-sensitive help to many elements of
the BinNavi GUI.

Feature: Added a way to quickly show the REIL code of a
native instruction (context menu of the instruction).

Feature: Added a way to quickly find out what views
contain a given instructions (part of the table filter of views).

Feature: The views whose nodes are tagged with node tags
are now shown in the main window.

Feature: Stack values can now be copied to the clipboard.

Feature: Added more colors to distinguish between
different types of instruction operands.

Feature: BinNavi can now check whether exporters are
correctly installed and configured.

Feature: Added a way to quickly find views that share
instructions with any given view.

Feature: Really long function names are now displayed
more gracefully in the GUI.

Feature: Write access to the database has been improved.

Feature: Added a way to quickly select all nodes on the
paths between two graph nodes.

Bugfix: Open graph views are now notified about changing
debugger configurations.

REIL: Added support for 32 bit MIPS

Plugin API: The registers of the debugged target
process can now be edited.

Plugin API: The memory of the debugged target
process can now be edited.

Plugin API: The Select by Criteria dialog can
now be extended using plugins.

Plugin API: Debug trace events are now tied to
modules.

Plugin API: For each recorded debug trace event,
the register values and the recorded memory can be accessed.

Plugin API: Changed the semantics of CodeNode::addInstruction.
Instructions that are being inserted are now cloned before being
added. The cloned instruction is returned by the function.

Changes in BinNavi 2.2.0 (October 1st 2009)

Feature: Incoming call-references are now shown in the graph
window. This makes it very easy to find out what functions are
calling the function users are currently analyzing.

Feature: Added interactive tutorials for learning how to use BinNavi.
This makes it easier for new users of BinNavi to learn about the
most important BinNavi concepts.

Feature: Added the option to select from running processes when
selecting a debug target. This feature allows users to select
running processes of remote platforms from the BinNavi GUI instead
of the console of the remote system.

Feature: Added the option to use the BinNavi GUI to select a
file from the remote system for debugging. This allows users to
select a file from the remote system through the BinNavi GUI instead
of the console of the remote system.

Feature: REIL code can now be displayed as graphs just like regular code.
This is very useful for people who want to work with REIL code.

Feature: Added the option to turn a normal control flow graph into a data
flow graph

Feature: Added the option to connect a file with a module. This
makes it possible to display the data of the file in a hex viewer.

Feature: Previously recorded debug traces are now shown in the main window.
This feature allows users to quickly see all recorded debug traces
for their modules and to see what views contain nodes that were hit
by previously recorded debug traces.

Feature: Made several major improvements to our Windows Mobile
debugger

Feature: The debugger now collects information about loaded modules and
displays name, base address, and size of all active modules of a
process. This allows users to keep track of dynamically loaded and
unloaded libraries.

Feature: Relocated image bases of modules are automatically corrected
while debugging. It is not necessary anymore to specify the
relocated image bases of modules and dynamically loaded libraries
manually.

Feature: Function breakpoints can now be set from the functions table of
the main window. This is quicker than opening a function or the call
graph of a module first.

Feature: Added a way to filter the content of larger tables to make it
easier and quicker to find things. Using these filters users can
reduce the lines shown in tables to those lines that are relevant
for them.

Feature: Visual feedback is given if searching through a graph produces
no results. This makes it more obvious whether a search operation
produced results or not.

Feature: When searching through graphs, previous search strings are now
cached so that the user can easily search for them again at a later
point in time

Feature: Added the option to display a dialog that shows all search
results when searching through graphs. This dialog shows all search
results in a list which makes it easy to navigate between
interesting search results.

Feature: Addresses the user recently searched for in graphs are now kept
for later reuse. This is useful because users often want to go back
to addresses they previously visited.

Feature: Visual feedback is given if the user wants to jump to an address
that does not exist in a graph. This makes it more obvious whether
an instruction address exists in a graph or not.

Feature: Function nodes now display additional information about the
function they represent. This allows users to get an idea how large
the functions represented by function nodes are.

Feature: The module names of functions are now shown in call
graph
function nodes. Previously it was unclear to which module a function
belongs to if function nodes of multiple modules were shown in one
view.

Feature: The original function of a code node can now be opened from the
context menu of the code node. This allows users to quickly open the
original function of a code node from heavily modified views.

Feature: Added the option to review the available debugger options.
Previously this information was only shown once when first
connecting to a debugger. Now it is possible to display the
information again from the BinNavi GUI.

Feature: Graph windows can now be switched between a default perspective
and a debug perspective. This reduces clutter and makes the GUI less
complex.

Feature: Added the option to create non-existing databases right from
BinNavi. This makes it easier to get started with new databases
because it is not necessary to create new databases with external
tools anymore.

Feature: Added popup-descriptions to all settings options in the settings
dialog. It is now easier to modify settings without having to
consult the manual.

Feature: The zynamics GDB Agent can now be used from Linux and
Mac OS in addition to Windows.

Feature: Added a quick information label that displays information about
the last debug events during debugging.

Feature: Size information about sections is now shown in the memory
section box. This allows users to get an idea how large individual
memory sections of the target process are while debugging.

Feature: Added the option to stop waiting while section memory is loaded

Feature: Added the option to inline all called functions of a graph in
one step. This is useful for quickly determining all possible
control flow paths between two nodes including all control flow
paths in subfunctions.

Feature: Improved error messages throughout the program. This
allows user to get a better understanding of what went wrong and how
to fix the problem.

Feature: The database format can now support multiple instructions per
address. This makes it much easier to experiment with instruction
creation, for example while deobfuscating code.

Feature: Freshly created views are now now saved automatically
anymore. This makes it much less tedious to experiment with
automatic view creation because it is not necessary anymore to
delete previously created views.

Features: Error messages now have unique error IDs. This makes
it easier for us to find out what went wrong when users come across
bugs and report them to us.

Feature: Errors can now be reported using a single button click
in the error dialog. The error description is automatically sent to
our bug tracker and users will receive feedback through the email
address configured in their BinNavi settings.

Feature: Added a Python sample script that can be used to export comments
to IDA Pro. While this serves mainly as a demonstration script for
using the plugin API, it is also useful for users that want to
continue working with IDA Pro.

Feature: Added a new sample code coverage plugin that demonstrates how to
script the debugger. This plugin keeps track of what nodes of a view
are hit during a debug session and changes their background color
depending on how often they were hit.

Feature: Added a way to select function nodes of graphs by
function type.

Feature: Added a way to tag all nodes of a debug event trace
with a tag.

Feature: The font used in all comment dialogs was changed
to monospace.

Feature: The Trace Events table now has a context menu that
provides useful functions.

Feature: All comment dialogs can now be closed using CTRL-ENTER.

Feature: The DEL key can now be used to delete node tags in the
node tags tree.

Feature: The DEL key can now be used to delete traces in the
traces table.

Feature: The traces table now has a context menu that provides
useful functions.

Feature: Added the option to create combined callgraphs of all
modules of a project.

Feature: Improved the Pathfinder example plugin that is shipped
with source.

Bugfix: Fixed an issue that led to crashes when thread IDs >= 0x80000000
were seen during debugging

Bugfix: Fixed a thread leak that occurred when many modules were
assigned debuggers

Bugfix: Fixed an issue that led to problems when loading projects that
included modules that were loaded and other modules that were not
loaded

Bugfix: Fixed an issue that led to problems when views for traces with
zero events were requested

Bugfix: Fixed an issue that caused breakpoints not to be removed when
clicking the "Remove all breakpoints" button

Bugfix: Fixed an issue that led to incorrect register information shown
during debugging for threads that did not cause the last debug event

Bugfix: Fixed a bug that made the Save button of projects misbehave when
project debuggers were configured

Bugfix: Fixed a bug that led to incorrect behavior when saving/loading
edge colors

Bugfix: Fixed an error that led to incorrect results of the backtracking
algorithm when encountering certain XOR instructions

Bugfix: Fixed issues in the REIL translation of the x86 instructions
RCL, IMUL, and PUSHF

Plugin API: Added the option to execute SQL queries from the
plugin API. This makes it possible for users to query the SQL
database directly if necessary data is not easily available from the
plugin API.

Plugin API: Added the option to change the background color of
instructions code nodes. With this feature users can highlight
important instructions programmatically from plugins and scripts.
This improves the visualization of analysis algorithms.

Plugin API: Added the ability to create Instruction objects.
This is useful for users that need to create new instructions, for
example when they write analysis algorithms that modify existing
code.

Plugin API: Added the option to change the color of edges. This
feature allows users to give edge colors semantic meaning in the
context of their analysis algorithms.

Plugin API: Made the frame of GraphWindow objects available.
This frame object can be used by plugins as the parent frame of
dialogs and message boxes.

Plugin API: Improved the design of the Breakpoint API

Plugin API: Improved the design of the MemoryBookmark API

Plugin API: Harmonized the naming scheme of enumerations

Plugin API: Harmonized the functions of the MessageBox class

Plugin API: Many new methods added to the plugin API

Plugin API: Added the option to remove instructions from code nodes to the
plugin API

Plugin API: Added the option to remove databases from the plugin API

Plugin API: Added the option to listen to changes in DebuggerTemplate API
objects

Plugin API: Added the option to add debuggers to projects

Plugin API: Added the option to remove debuggers from projects

Plugin API: Added the option to retrieve all project debuggers

Plugin API: Added the option to delete address spaces

Plugin API: Fixed various bugs that left data loaded when
projects were closed

Plugin API: Added the option to listen on project debugger
events

Plugin API: Changed the behavior of Project::getFunctions to
return the functions of all loaded modules

Changes in BinNavi 1.5 (March 1st 2008)

Single stepping, stepping over calls, and stepping to the next basic block are now possible

Improved display for registers and memory

Debugger support for multi-threaded programs

Memory bookmarks

Improved breakpoint handling

Improved graph layout

Improved graph loading and rendering speed

Additional layout options

Support for line comments

Distinction between local comments and global comments

Search for functions by address

Improved search functionality in graphs

Mousewheel support to zoom graphs

Improved graph tooltips

Improved function inlining

Added magnifying glass mode

ZYNAMICS BINNAVI END USER LICENSE
AGREEMENT

PLEASE READ THE TERMS OF THIS SOFTWARE
LICENSE AGREEMENT ("AGREEMENT") GOVERNING THE USE OF THE SOFTWARE
AND RELATED DOCUMENTATION (AS FURTHER DEFINED BELOW) CAREFULLY BEFORE
USING THE SOFTWARE.

1. Introduction
and Acceptance. This Agreement is a legal agreement between
you (either an individual or an entity) (“YOU” or “YOUR”) and Google
Inc. (“Google”) regarding the use of Google's software known as
zynamics BinNavi, which includes user documentation provided in
electronic form (together, the "Google Software").

BEFORE YOU CLICK ON THE "I ACCEPT THE
TERMS IN THE LICENSE AGREEMENT" BUTTON AT THE END OF THIS DOCUMENT,
CAREFULLY READ THE TERMS AND CONDITIONS OF THIS AGREEMENT.
BY CLICKING ON THE "I ACCEPT THE TERMS IN THE LICENSE AGREEMENT" BUTTON,
YOU ARE AGREEING TO BE BOUND BY AND ARE BECOMING A PARTY TO THIS
AGREEMENT. IF YOU DO NOT AGREE TO ALL OF THE TERMS OF THIS
AGREEMENT, CLICK THE "CANCEL" BUTTON AND THE SOFTWARE WILL NOT BE
DOWNLOADED OR INSTALLED ON YOUR COMPUTER.

2. License
Grant. Subject to the restrictions set forth below, this
Agreement grants You a non-exclusive, royalty-free, perpetual license to
download, install and use one (1) copy of the specified version of
Google Software in object code format, for internal purposes only.
You may install and use one (1) copy of Google Software on a single
personal computer running a general purpose consumer operating system
and that does not operate as a server on a network. Google Software is
"in use" on a computer when it is loaded into the temporary memory
(i.e., RAM) or installed into the permanent memory (e.g., hard disk,
CD-ROM, or other storage device) of that computer. You understand and
agree that Google will have no obligation to provide any upgrades,
updates or fixes to Google Software. You further understand and agree
that Google does not provide maintenance for Google Software and will
not be under any obligation to do so. You understand and agree that you
will not use the software for any illegal purposes.

3. Ownership.
The license granted to You hereunder does not constitute a transfer or
sale of Google's ownership rights in or to Google Software. Except
for the license rights granted above, all right, title and interest,
including all Intellectual Property Rights, in and to Google Software,
and all copies thereof, are owned and retained by Google or its
licensors. "Intellectual Property Rights" means any and all rights
existing from time to time under patent law, copyright law, trade secret
law, trademark law, unfair competition law, and any and all other
proprietary rights, and any and all applications, renewals, extensions
and restorations thereof, now or hereafter in force and effect
worldwide. Google Software is licensed, not sold, to You for use only
under the terms of this Agreement, and Google reserves all rights not
expressly granted to You.

4. License
Restrictions. YOU MAY NOT RENT, LEASE, SUBLICENSE, SELL,
ASSIGN, LOAN OR OTHERWISE TRANSFER GOOGLE SOFTWARE OR ANY OF YOUR RIGHTS
AND OBLIGATIONS HEREUNDER. You may not reverse engineer, decompile, or
disassemble Google Software or attempt to circumvent any technical
restrictions included in the code, except to the extent the foregoing
restriction is expressly prohibited by applicable law. You may not
(i) remove or destroy any copyright notices or other proprietary
markings; (ii) modify or adapt Google Software, merge Google Software
into another program or create derivative works based on Google
Software; or (iii) provide, lease, lend, use for timesharing or service
bureau purposes, or otherwise use or allow others to use Google Software
for the benefit of third parties (through the Internet or otherwise).

5. Confidentiality.
You shall hold in the strictest confidence Google Software and any
related materials or information including, but not limited to, any
technical data, research, product plans or know-how provided by Google
to You, either directly or indirectly in writing, orally or by
inspection of tangible objects (“Confidential Information”).
You shall not disclose any Confidential Information to third parties,
including any of Your employees who do not have a need to know such
information and You shall take reasonable measures to protect the
secrecy of, and to avoid disclosure and unauthorized use of, the
Confidential Information. You shall immediately notify Google in
the event of any unauthorized or suspected use or disclosure of the
Confidential Information.

6. Termination.
This Agreement shall be effective upon installation of Google Software
and SHALL TERMINATE UPON THE EARLIER OF: (I) YOUR FAILURE TO COMPLY WITH
ANY TERM OF THIS AGREEMENT; OR (II) DESTRUCTION OR DELETION OF ALL
COPIES OF GOOGLE SOFTWARE IN YOUR POSSESSION. Google's rights and
Your obligations shall survive the termination of this Agreement.
Upon termination of this Agreement by Google, You shall certify in
writing to Google that all copies off Google Software, or any portion
thereof, have either been returned to Google or otherwise destroyed or
deleted from any of Your computer libraries or storage devices.

7. NO
WARRANTIES.
TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, GOOGLE AND ITS
LICENSORS PROVIDE THE SOFTWARE "AS IS" AND WITHOUT WARRANTY OF ANY KIND
AND EXPRESSLY DISCLAIMS WITH RESPECT TO THE SOFTWARE ALL WARRANTIES AND
CONDITIONS, WHETHER EXPRESS, IMPLIED, OR STATUTORY, INCLUDING, BUT NOT
LIMITED TO, ANY WARRANTIES, DUTIES OR CONDITIONS OF OR RELATED TO:
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, CORRESPONDENCE TO
DESCRIPTION, NON-INFRINGEMENT OF THIRD PARTY RIGHTS, LACK OF VIRUSES,
ACCURACY OR COMPLETENESS OF RESPONSES, RESULTS, WORKMANLIKE EFFORT AND
LACK OF NEGLIGENCE. ALSO, THERE IS NO WARRANTY, DUTY OR CONDITION OF
TITLE, QUIET ENJOYMENT, OR QUIET POSSESSION. YOU ARE SOLELY RESPONSIBLE
FOR ANY DAMAGE TO YOUR COMPUTER, MOBILE DEVICE, OR ANY OTHER DEVICE, OR
LOSS OF DATA THAT RESULTS FROM YOUR USE OF THE SOFTWARE.

8. LIMITATION
OF LIABILITY. UNDER NO CIRCUMSTANCES WILL GOOGLE BE LIABLE FOR ANY
CONSEQUENTIAL, SPECIAL, INDIRECT, INCIDENTAL OR PUNITIVE DAMAGES
WHATSOEVER (INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF BUSINESS
PROFITS, BUSINESS INTERRUPTION, LOSS OF BUSINESS INFORMATION, LOSS OF
DATA OR OTHERSUCH
PECUNIARY LOSS) ARISING OUT OF THE USE OR INABILITY TO USE THE SOFTWARE,
EVEN IF GOOGLE HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
IN NO EVENT SHALL GOOGLE'S AGGREGATE LIABILITY FOR DAMAGES ARISING OUT
OF THIS AGREEMENT EXCEED THE GREATOR OF (1) THE AMOUNT PAID TO GOOGLE
FOR THE SOFTWARE UNDER THIS AGREEMENT OR (2) U.S. $100.00.

9. INDEMNITY.
You agree to defend, indemnify and hold harmless Google, its officers,
directors, employees, and agents, from and against any and all claims,
damages, obligations, losses, liabilities, costs or debt, and expenses
(including but not limited to attorney's fees) arising from: (i) Your
use of and access to Google Software; (ii) Your violation of any of the
terms of this Agreement; or (iii) Your violation of any third party
right, including without limitation any copyright, property, or privacy
right, arising out of Your use of and access to Google Software. This
defense and indemnification obligation will survive this Agreement and
Your use of Google Software.

11. Export
Restrictions. You may not export or re-export: (i) Google
Software without the prior written consent of Google; and (ii) Google
Software without complying with applicable export control laws and
obtaining any necessary permits and licenses.

12. Changes
to the terms of this Agreement. Google
may make changes to this Agreement from time to time. When these changes
are made, Google will make any new/additional terms available to You.
You understand and agree that if You use Google Software after the date
on which terms have changed, Google will treat Your use as acceptance of
the new/additional terms.

13. General.
This Agreement is governed by the laws of the State of California,
excluding its conflicts of laws principles. You agree to the
exclusive jurisdiction and venue of the state and federal courts located
in County of San Mateo, California. If any provision of this
Agreement is held by a court of competent jurisdiction to be contrary to
law, such provision shall be changed and interpreted so as to best
accomplish the objectives of the original provision to the fullest
extent allowed by law and the remaining provisions of this Agreement
shall remain in full force and effect. The headings in this
Agreement are inserted for convenience only and do not affect its
interpretation. You may not assign this Agreement, whether by
operation of law, merger or reorganization, without the prior written
consent of Google; any attempted assignment in violation of the
foregoing will be void. Google may assign this Agreement in
connection with a reorganization, reincorporation, merger, or sale of
all, or substantially all of the shares or assets of Google. This
Agreement constitutes the final, complete and exclusive agreement
between the parties with respect to Your use of Google Software and
supersedes any prior or contemporaneous representations or agreements,
whether written or oral. Any company names, logos, and product
names displayed in Google Software are subject to United States' and
international copyright, trademark and intellectual property laws and
You may not reproduce or distribute any such company names, logos or
product names without the express written consent of their respective
owners.

14. Questions. Should
You have any questions concerning this Agreement, or if You desire to
contact Google for any reason, please contact:zynamics-support@google.com.